Cyber Resilience Act (CRA) stories

NCC Group says geopolitics, digital sovereignty and AI are driving tougher cyber rules, with boards facing greater accountability and scrutiny.

Cloudsmith survey finds most engineering teams still lack automated SBOM checks, leaving many unready for fast EU Cyber Resilience Act audits.

2N calls for tougher cyber rules on access control, urging stronger vulnerability reporting, tighter component sourcing and longer support lifecycles.

Red Hat survey finds 97% of organisations hit by cloud-native security incidents, forcing delays, higher costs and loss of customer trust.

Red Hat reports 97% of organisations suffered cloud-native security incidents last year, exposing basic failings in configuration and governance.

Cloudsmith adds automated controls to quarantine and block risky dependencies, tightening enforcement on software supply chain security.

OpenSSF adds new members and launches AI security, supply chain and training initiatives after securing USD $12.5 million in funding.

Keysight debuts SBOM Manager to automate software bills of materials as EU and US cyber rules tighten transparency and compliance demands.

Secure.com warns most apps hide critical flaws in open source components, as unpatched dependencies and licence risks leave firms exposed.

Ransomware drives over half of UK cyber incidents as data loss surges, with healthcare, retail and complex supply chains hardest hit.

NCC warns that insecure connected farm machinery could let cyber attacks disrupt harvests, cut yields and threaten food supply chains.

Xiid and Cytex join forces to fuse AI governance with zero trust access, targeting shrinking attack paths and stricter cyber regulation.

ENCS and DIVD have agreed a new cyber pact to uncover and disclose vulnerabilities in Europe's high-impact energy and critical systems.

Umbraco's product arm wins ISO 27001/IEC:2022 certification, boosting security credentials for its open-source .NET CMS and partners.

Brussels moves to tighten EU cyber rules, targeting high risk foreign vendors while streamlining certification and boosting sovereignty.

Industrial AI and IT/OT convergence are forcing factories to abandon closed networks and adopt hybrid, zero trust cyber security architectures.

Vincent Lomba joins ENISA's Advisory Group, bringing industry insight to EU efforts on NIS2, the Cyber Resilience Act and digital sovereignty.

Codific urges boards to prioritise preemptive cyber defence, identity and supply-chain control as 2026 scrutiny and rules tighten.

CommScope launches PRiSM-based secure boot signing for TI AM6x chips, aiming to simplify compliance with tightening industrial cyber rules.

Codific sees 2026 cybersecurity shaped by shadow AI, passwordless logins, tighter regulation and a sharper focus on software supply chains.